Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa
File: bba6d1fd-8b29-4481-a568-7018abbd9103.roa (raw, json)
Hash identifier: /CAg9eU2q1uYAUinnZ4aE5cJ6RPeNkYugnWWgcjOBFY=
Subject key identifier: 4E:A9:A3:FC:82:C9:8E:92:68:4F:D3:9A:76:63:AE:03:27:A9:2B:47
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 33FD4FE774466FD12435A9CC93B86234C4127D5A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa
Signing time: Tue 20 May 2025 19:21:29 +0000
ROA not before: Tue 20 May 2025 19:21:29 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:9080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:fd:4f:e7:74:46:6f:d1:24:35:a9:cc:93:b8:62:34:c4:12:7d:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 19:21:29 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=0f6e0782357959ad183ba6985c7f151345897eb44f1cb5255f19bb29f319f993, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:57:99:76:db:51:a2:5b:13:08:7b:2d:6a:f8:
41:ee:d4:f7:ff:00:18:51:03:64:00:23:b3:e1:83:
f4:64:54:ed:14:d6:c9:0f:cd:32:60:95:34:33:55:
39:dd:31:09:b5:38:a3:6d:c7:14:ce:7c:9b:b9:89:
38:26:c8:62:a8:5e:b7:6f:7b:da:b2:b7:b6:ec:11:
bf:21:39:c7:57:9e:ea:71:0a:38:ab:67:cd:8a:85:
b4:7b:0f:9a:38:31:d8:6e:25:a6:8c:eb:89:65:05:
04:75:50:2d:19:67:98:78:65:0a:7e:f9:04:92:59:
5b:ca:3c:a0:e1:6d:2b:81:9e:69:e8:7e:a5:bf:93:
66:82:a7:e2:59:82:49:12:dd:b0:11:5a:29:76:c0:
6f:a6:5a:5a:2b:e9:6b:a9:cb:e6:14:90:e7:6a:11:
5a:d3:82:23:c4:2e:83:db:b3:33:c7:84:ab:91:59:
0a:2d:7c:9d:4c:4d:1a:0d:ee:2c:9a:ed:6f:8e:61:
2f:6a:36:9d:6e:99:52:0d:31:15:26:f5:c0:87:1f:
5b:4f:23:3b:dd:42:53:17:ff:59:d0:dc:02:c1:a6:
39:33:4f:7b:06:4f:c1:be:54:d0:18:8b:e0:6f:40:
c4:81:7f:8f:58:3f:af:c2:76:8e:53:2e:8f:71:30:
ce:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:A9:A3:FC:82:C9:8E:92:68:4F:D3:9A:76:63:AE:03:27:A9:2B:47
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:9080::/48
Signature Algorithm: sha256WithRSAEncryption
a0:dc:0a:65:57:8b:bf:7b:9b:0f:2f:e6:bd:62:00:dd:44:d7:
db:dc:cd:e9:49:ae:fb:e9:7f:01:fb:3d:d4:25:1d:37:55:1f:
a1:de:1e:05:b8:e2:4a:ee:06:60:57:63:e6:ac:93:71:c4:70:
fe:cd:f2:0c:fe:4d:99:b7:06:df:ad:e5:cf:b0:50:0e:96:ec:
84:6f:86:b4:c5:60:75:f3:a2:4b:f1:96:ab:aa:8d:9f:26:83:
0e:18:ef:74:89:cc:e2:85:bf:72:e7:5e:64:74:a1:d5:8c:e4:
d4:e8:ab:65:42:8b:ed:b8:92:f6:91:87:1a:4c:60:a1:8d:c0:
c7:f1:3a:85:04:97:e4:d5:98:01:8c:5d:f4:4d:19:56:bf:c4:
86:43:3c:05:cd:97:d9:cf:17:66:31:fc:32:10:cb:a4:a7:73:
cd:cc:1f:c2:dd:c7:11:84:22:a4:c4:4a:d8:e4:69:20:4b:b3:
df:48:b7:da:43:3d:87:83:31:b8:16:29:4f:1b:a1:8e:96:3d:
29:af:8e:11:25:72:c5:f7:87:59:f0:1c:71:ff:6c:f5:d2:8f:
49:49:42:4c:27:1f:6f:e4:70:4b:8d:9c:f5:75:a4:b9:8b:d7:
94:c4:df:c7:84:42:db:0d:88:a1:55:32:c0:83:46:16:69:b7:
cc:7f:89:5e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUM/1P53RGb9EkNanMk7hiNMQSfVowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxOTIxMjlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDBmNmUwNzgyMzU3OTU5YWQxODNiYTY5ODVjN2YxNTEzNDU4OTdlYjQ0ZjFj
YjUyNTVmMTliYjI5ZjMxOWY5OTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlXmXbbUaJbEwh7LWr4Qe7U9/8AGFEDZAAjs+GD9GRU7RTWyQ/NMmCVNDNV
Od0xCbU4o23HFM58m7mJOCbIYqhet2972rK3tuwRvyE5x1ee6nEKOKtnzYqFtHsP
mjgx2G4lpozriWUFBHVQLRlnmHhlCn75BJJZW8o8oOFtK4Geaeh+pb+TZoKn4lmC
SRLdsBFaKXbAb6ZaWivpa6nL5hSQ52oRWtOCI8Qug9uzM8eEq5FZCi18nUxNGg3u
LJrtb45hL2o2nW6ZUg0xFSb1wIcfW08jO91CUxf/WdDcAsGmOTNPewZPwb5U0BiL
4G9AxIF/j1g/r8J2jlMuj3Ewzk0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBROqaP8
gsmOkmhP05p2Y64DJ6krRzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmJhNmQxZmQtOGIyOS00NDgxLWE1NjgtNzAxOGFiYmQ5MTAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAoNwKZVeLv3ubDy/mvWIA3UTX29zN6Umu++l/
Afs91CUdN1Ufod4eBbjiSu4GYFdj5qyTccRw/s3yDP5NmbcG363lz7BQDpbshG+G
tMVgdfOiS/GWq6qNnyaDDhjvdInM4oW/cudeZHSh1Yzk1OirZUKL7biS9pGHGkxg
oY3Ax/E6hQSX5NWYAYxd9E0ZVr/EhkM8Bc2X2c8XZjH8MhDLpKdzzcwfwt3HEYQi
pMRK2ORpIEuz30i32kM9h4MxuBYpTxuhjpY9Ka+OESVyxfeHWfAccf9s9dKPSUlC
TCcfb+RwS42c9XWkuYvXlMTfx4RC2w2IoVUywINGFmm3zH+JXg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:20 2025 by rpki-client